Untitled
unknown
sh
2 years ago
34 kB
5
Indexable
ttdat2@ttdat2:~/Documents/TAIT-AXIOM-cloud-portal/infrastructure/axiom/dev/global$ tf plan -var-file values.tfvars -var-file ../common.tfvars
module.ec2_key_pair.tls_private_key.this[0]: Refreshing state... [id=2e83333f9b1ba70465030ee73dbe2a9eecdfb5a0]
module.bastion_host_key_pair.tls_private_key.this[0]: Refreshing state... [id=5782a053f856b2173cf9415fe2e11014e70ef3d5]
module.ec2_bastion.data.aws_region.default: Reading...
module.ec2_bastion.data.aws_region.default: Read complete after 0s [id=ap-southeast-2]
module.ec2_bastion.data.aws_iam_policy_document.default: Reading...
module.ec2_key_pair.aws_key_pair.this[0]: Refreshing state... [id=axiom-dev-ec2-key]
module.dev_axiom_acm["lb_internal_global"].aws_acm_certificate.this[0]: Refreshing state... [id=arn:aws:acm:ap-southeast-2:230407402264:certificate/5c3e7b9c-6a0f-4f22-8a11-f76a4da90576]
data.aws_route53_zone.this: Reading...
module.ec2_bastion.data.aws_iam_policy_document.main: Reading...
module.dev_axiom_acm["lb_public_jkc"].aws_acm_certificate.this[0]: Refreshing state... [id=arn:aws:acm:ap-southeast-2:230407402264:certificate/b82827cb-a0ed-4c03-a123-8e5b8308a0c0]
module.ec2_bastion.data.aws_iam_policy_document.default: Read complete after 0s [id=2851119427]
module.records_public_jkc.data.aws_route53_zone.this[0]: Reading...
data.aws_ami.amazon_ubuntu: Reading...
module.global_vpc.aws_vpc.this[0]: Refreshing state... [id=vpc-0da6435ce397fe909]
module.records_internal_global.data.aws_route53_zone.this[0]: Reading...
module.dev_axiom_acm["lb_public_global"].aws_acm_certificate.this[0]: Refreshing state... [id=arn:aws:acm:ap-southeast-2:230407402264:certificate/7a8d4e40-3df7-4e89-91db-121f25e1f991]
module.ec2_bastion.data.aws_iam_policy_document.main: Read complete after 1s [id=1360668109]
module.s3_bucket.aws_s3_bucket.this[0]: Refreshing state... [id=axiom-dev-public]
module.ec2_bastion.data.aws_ami.default[0]: Reading...
data.aws_ami.amazon_ubuntu: Read complete after 1s [id=ami-0df609f69029c9bdb]
module.bastion_host_key_pair.aws_key_pair.this[0]: Refreshing state... [id=axiom-dev-bastion-key]
module.global_efs.aws_efs_file_system.default[0]: Refreshing state... [id=fs-04b9d0574e6238278]
module.global_vpc.aws_eip.nat[0]: Refreshing state... [id=eipalloc-048fae70b4f0bdeb0]
module.global_vpc.aws_eip.nat[1]: Refreshing state... [id=eipalloc-0892d8437d28a88ac]
module.records_public_global.data.aws_route53_zone.this[0]: Reading...
module.ec2_bastion.data.aws_ami.default[0]: Read complete after 0s [id=ami-072fc55fb5b1df806]
module.s3_bucket.data.aws_canonical_user_id.this: Reading...
module.ec2_bastion.aws_iam_role.default[0]: Refreshing state... [id=axiom-dev-bastion-host]
local_sensitive_file.pem_file: Refreshing state... [id=dff1fe88f658793307308d0b48d0f45bda25662e]
local_sensitive_file.bastion_pem_file: Refreshing state... [id=af19b97a5ceec1982719b7bd17555e129f90207b]
module.global_efs.aws_efs_backup_policy.policy[0]: Refreshing state... [id=fs-04b9d0574e6238278]
module.global_alb_sg.aws_security_group.this_name_prefix[0]: Refreshing state... [id=sg-06a69778b5c6c78fe]
module.global_internal_alb_sg.aws_security_group.this_name_prefix[0]: Refreshing state... [id=sg-0fc9ab55e70da3fea]
module.vpc_peer_global_sg.aws_security_group.this_name_prefix[0]: Refreshing state... [id=sg-0b6c1bea36a33ed61]
module.s3_bucket.data.aws_canonical_user_id.this: Read complete after 1s [id=5943380a7920940a6fa6bad40a31e017e073be3e5355146c2791e4ce8843e700]
module.global_instance_sg.aws_security_group.this_name_prefix[0]: Refreshing state... [id=sg-00dc2c158c2417082]
module.records_internal_global.data.aws_route53_zone.this[0]: Read complete after 2s [id=Z055671432S0S634NTHU1]
module.bastion_sg.aws_security_group.this_name_prefix[0]: Refreshing state... [id=sg-0be8a41878c5c0bea]
module.global_vpc.aws_route_table.private[0]: Refreshing state... [id=rtb-0bf699127ba5aa004]
module.global_vpc.aws_route_table.private[1]: Refreshing state... [id=rtb-0215738c8f4467a00]
module.records_public_global.data.aws_route53_zone.this[0]: Read complete after 2s [id=Z055671432S0S634NTHU1]
module.global_vpc.aws_subnet.private[0]: Refreshing state... [id=subnet-0dd17b5c7989cac8d]
data.aws_route53_zone.this: Read complete after 3s [id=Z055671432S0S634NTHU1]
module.global_vpc.aws_subnet.private[1]: Refreshing state... [id=subnet-0cbef3f74b7d3b957]
module.global_vpc.aws_internet_gateway.this[0]: Refreshing state... [id=igw-047cce54d2152b804]
module.global_vpc.aws_subnet.database[1]: Refreshing state... [id=subnet-08bbcaddbf58bb2ff]
module.global_vpc.aws_subnet.database[0]: Refreshing state... [id=subnet-0d472a954684195f2]
module.global_vpc.aws_route_table.public[0]: Refreshing state... [id=rtb-01e839005748d824b]
module.global_vpc.aws_subnet.public[1]: Refreshing state... [id=subnet-0a7b40ee5bd896fd6]
module.records_public_jkc.data.aws_route53_zone.this[0]: Read complete after 3s [id=Z055671432S0S634NTHU1]
module.global_vpc.aws_subnet.public[0]: Refreshing state... [id=subnet-0e526ebceabbd55dc]
module.ec2_bastion.aws_iam_role_policy.main[0]: Refreshing state... [id=axiom-dev-bastion-host:axiom-dev-bastion-host]
module.ec2_bastion.aws_iam_instance_profile.default[0]: Refreshing state... [id=axiom-dev-bastion-host]
module.global_internal_alb_sg.aws_security_group_rule.ingress_with_self[0]: Refreshing state... [id=sgrule-1933407901]
module.global_internal_alb_sg.aws_security_group_rule.egress_rules[0]: Refreshing state... [id=sgrule-1101408001]
module.global_internal_alb_sg.aws_security_group_rule.ingress_rules[0]: Refreshing state... [id=sgrule-2559529377]
module.global_internal_alb_sg.aws_security_group_rule.ingress_rules[1]: Refreshing state... [id=sgrule-223549111]
module.global_alb_sg.aws_security_group_rule.ingress_rules[1]: Refreshing state... [id=sgrule-236079876]
module.global_alb_sg.aws_security_group_rule.ingress_rules[0]: Refreshing state... [id=sgrule-1307854855]
module.global_alb_sg.aws_security_group_rule.egress_rules[0]: Refreshing state... [id=sgrule-2812078898]
module.global_alb_sg.aws_security_group_rule.ingress_with_self[0]: Refreshing state... [id=sgrule-1283934780]
module.dev_axiom_acm["lb_internal_global"].aws_route53_record.validation[0]: Refreshing state... [id=Z055671432S0S634NTHU1__adb4107579084b1a859509d305d3a777.dev.internal.taitaxiom.net._CNAME]
module.dev_axiom_acm["lb_public_global"].aws_route53_record.validation[0]: Refreshing state... [id=Z055671432S0S634NTHU1__7b894980b189b2f0a573631922dcab27.dev.taitaxiom.net._CNAME]
module.dev_axiom_acm["lb_public_jkc"].aws_route53_record.validation[0]: Refreshing state... [id=Z055671432S0S634NTHU1__324f9dff18c56b66958527ff4e973533.jkc.dev.taitaxiom.net._CNAME]
module.bastion_sg.aws_security_group_rule.ingress_with_self[0]: Refreshing state... [id=sgrule-4222147668]
module.bastion_sg.aws_security_group_rule.ingress_rules[0]: Refreshing state... [id=sgrule-4284525822]
module.bastion_sg.aws_security_group_rule.egress_rules[0]: Refreshing state... [id=sgrule-397094554]
module.global_instance_sg.aws_security_group_rule.ingress_rules[0]: Refreshing state... [id=sgrule-3155990802]
module.global_instance_sg.aws_security_group_rule.ingress_with_self[0]: Refreshing state... [id=sgrule-1627724821]
module.global_instance_sg.aws_security_group_rule.egress_rules[0]: Refreshing state... [id=sgrule-2017164023]
module.global_instance_sg.aws_security_group_rule.ingress_with_source_security_group_id[1]: Refreshing state... [id=sgrule-3363319852]
module.global_instance_sg.aws_security_group_rule.ingress_with_source_security_group_id[0]: Refreshing state... [id=sgrule-4115184472]
module.vpc_peer_global_sg.aws_security_group_rule.egress_rules[0]: Refreshing state... [id=sgrule-176287787]
module.vpc_peer_global_sg.aws_security_group_rule.ingress_with_self[0]: Refreshing state... [id=sgrule-2510975806]
module.vpc_peer_global_sg.aws_security_group_rule.ingress_rules[0]: Refreshing state... [id=sgrule-1390332429]
module.global_vpc.aws_route_table_association.private[1]: Refreshing state... [id=rtbassoc-0502363a53e3f4133]
module.global_vpc.aws_route_table_association.private[0]: Refreshing state... [id=rtbassoc-0247b677e6f9e2d53]
module.global_vpc.aws_route_table_association.database[0]: Refreshing state... [id=rtbassoc-0b2045663a68e4b90]
module.global_vpc.aws_route_table_association.database[1]: Refreshing state... [id=rtbassoc-05d4554c58e67ab89]
module.global_vpc.aws_db_subnet_group.database[0]: Refreshing state... [id=axiom-dev-global-vpc]
module.global_vpc.aws_route.public_internet_gateway[0]: Refreshing state... [id=r-rtb-01e839005748d824b1080289494]
module.global_vpc.aws_route_table_association.public[0]: Refreshing state... [id=rtbassoc-003924971890b4784]
module.global_vpc.aws_route_table_association.public[1]: Refreshing state... [id=rtbassoc-083998ffa1625060b]
module.global_vpc.aws_nat_gateway.this[0]: Refreshing state... [id=nat-04905d4dd70f55897]
module.global_vpc.aws_nat_gateway.this[1]: Refreshing state... [id=nat-0a4d123b0e95643c4]
module.s3_bucket.time_sleep.wait_5_seconds: Refreshing state... [id=2023-05-10T09:31:33Z]
module.s3_bucket.aws_s3_bucket_versioning.this[0]: Refreshing state... [id=axiom-dev-public]
module.s3_bucket.data.aws_iam_policy_document.require_latest_tls[0]: Reading...
module.s3_bucket.data.aws_iam_policy_document.require_latest_tls[0]: Read complete after 0s [id=1020211636]
module.s3_bucket.data.aws_iam_policy_document.deny_insecure_transport[0]: Reading...
module.s3_bucket.data.aws_iam_policy_document.deny_insecure_transport[0]: Read complete after 0s [id=139497408]
module.s3_bucket.aws_s3_bucket_cors_configuration.this[0]: Refreshing state... [id=axiom-dev-public]
module.dev_axiom_acm["lb_public_jkc"].aws_acm_certificate_validation.this[0]: Refreshing state... [id=2023-09-14 08:49:36.345 +0000 UTC]
module.dev_axiom_acm["lb_internal_global"].aws_acm_certificate_validation.this[0]: Refreshing state... [id=2023-04-18 09:19:58.208 +0000 UTC]
module.dev_axiom_acm["lb_public_global"].aws_acm_certificate_validation.this[0]: Refreshing state... [id=2023-04-18 09:20:02.494 +0000 UTC]
module.public_jkc_alb.aws_lb.this[0]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:loadbalancer/app/axiom-dev-public-jkc-alb/d889359f6017c8bd]
module.internal_global_alb.aws_lb.this[0]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:loadbalancer/app/axiom-dev-internal-global-alb/bce0b29a945ac6a5]
module.ec2_bastion.aws_instance.default[0]: Refreshing state... [id=i-0e6d7a6d17e0427b6]
module.public_global_alb.aws_lb.this[0]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:loadbalancer/app/axiom-dev-public-global-alb/865d3c3f0f613da3]
module.s3_bucket.aws_s3_bucket_acl.this[0]: Refreshing state... [id=axiom-dev-public,public-read]
module.s3_bucket.data.aws_iam_policy_document.combined[0]: Reading...
module.s3_bucket.data.aws_iam_policy_document.combined[0]: Read complete after 0s [id=926642990]
module.global_vpc.aws_route.private_nat_gateway[0]: Refreshing state... [id=r-rtb-0bf699127ba5aa0041080289494]
module.global_vpc.aws_route.private_nat_gateway[1]: Refreshing state... [id=r-rtb-0215738c8f4467a001080289494]
module.global_efs.module.security_group.aws_security_group.default[0]: Refreshing state... [id=sg-03c7ee256dcf0e065]
module.global_instances["one"].aws_instance.this[0]: Refreshing state... [id=i-04fb0eb7144c3897e]
module.s3_bucket.aws_s3_bucket_policy.this[0]: Refreshing state... [id=axiom-dev-public]
module.global_efs.module.security_group.aws_security_group_rule.keyed["_allow_all_egress_"]: Refreshing state... [id=sgrule-2837459592]
module.global_efs.module.security_group.aws_security_group_rule.keyed["_list_[0]"]: Refreshing state... [id=sgrule-2724511909]
module.global_efs.aws_efs_mount_target.default[0]: Refreshing state... [id=fsmt-03927a7300b8e5302]
module.s3_bucket.aws_s3_bucket_public_access_block.this[0]: Refreshing state... [id=axiom-dev-public]
module.s3_bucket.aws_s3_bucket_ownership_controls.this[0]: Refreshing state... [id=axiom-dev-public]
module.records_public_jkc.aws_route53_record.this["jkc.dev CNAME"]: Refreshing state... [id=Z055671432S0S634NTHU1_jkc.dev.taitaxiom.net_CNAME]
module.records_internal_global.aws_route53_record.this["dev.internal CNAME"]: Refreshing state... [id=Z055671432S0S634NTHU1_dev.internal.taitaxiom.net_CNAME]
module.records_public_global.aws_route53_record.this["dev CNAME"]: Refreshing state... [id=Z055671432S0S634NTHU1_dev.taitaxiom.net_CNAME]
module.ec2_bastion.aws_eip.default[0]: Refreshing state... [id=eipalloc-061be3f76c1951df6]
module.internal_global_alb.aws_lb_target_group.main[0]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:targetgroup/gi12023041809220502280000000a/20ab8ea31e001193]
module.public_global_alb.aws_lb_target_group.main[0]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:targetgroup/gp12023041809220510050000000b/e5fda6568f96092c]
module.public_jkc_alb.aws_lb_target_group.main[0]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:targetgroup/gp120230914085119790000000002/fa76eead16259a21]
module.public_global_alb.aws_lb_target_group_attachment.this["0.global_ec2_one"]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:targetgroup/gp12023041809220510050000000b/e5fda6568f96092c-2023041809220637300000000d]
module.internal_global_alb.aws_lb_target_group_attachment.this["0.global_ec2_one"]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:targetgroup/gi12023041809220502280000000a/20ab8ea31e001193-2023041809220635700000000c]
module.public_global_alb.aws_lb_listener.frontend_http_tcp[0]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:listener/app/axiom-dev-public-global-alb/865d3c3f0f613da3/5359269e63f5845d]
module.public_global_alb.aws_lb_listener.frontend_https[0]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:listener/app/axiom-dev-public-global-alb/865d3c3f0f613da3/e074ce8e88f8fbc1]
module.internal_global_alb.aws_lb_listener.frontend_https[0]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:listener/app/axiom-dev-internal-global-alb/bce0b29a945ac6a5/8942fa9a1df16f73]
module.internal_global_alb.aws_lb_listener.frontend_http_tcp[0]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:listener/app/axiom-dev-internal-global-alb/bce0b29a945ac6a5/67d72b3af97231a5]
module.public_jkc_alb.aws_lb_target_group_attachment.this["0.global_ec2_one"]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:targetgroup/gp120230914085119790000000002/fa76eead16259a21-20230914085123085600000003]
module.public_jkc_alb.aws_lb_listener.frontend_http_tcp[0]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:listener/app/axiom-dev-public-jkc-alb/d889359f6017c8bd/146f0868bcc41f68]
module.public_jkc_alb.aws_lb_listener.frontend_https[0]: Refreshing state... [id=arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:listener/app/axiom-dev-public-jkc-alb/d889359f6017c8bd/b95bdc628e014f62]
Note: Objects have changed outside of Terraform
Terraform detected the following changes made outside of Terraform since the last "terraform apply" which may have affected this plan:
# module.bastion_sg.aws_security_group.this_name_prefix[0] has changed
~ resource "aws_security_group" "this_name_prefix" {
id = "sg-0be8a41878c5c0bea"
~ ingress = [
- {
- cidr_blocks = [
- "103.108.136.130/32",
- "202.37.96.0/23",
- "114.23.100.143/32",
]
- description = "SSH"
- from_port = 22
- ipv6_cidr_blocks = []
- prefix_list_ids = []
- protocol = "tcp"
- security_groups = []
- self = false
- to_port = 22
},
+ {
+ cidr_blocks = [
+ "202.37.96.0/23",
+ "103.199.5.237/32",
]
+ description = "SSH"
+ from_port = 22
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 22
},
- {
- cidr_blocks = [
- "3.104.121.85/32",
]
- description = "SSH"
- from_port = 22
- ipv6_cidr_blocks = []
- prefix_list_ids = []
- protocol = "tcp"
- security_groups = []
- self = false
- to_port = 22
},
# (1 unchanged element hidden)
]
name = "axiom-dev-bastion-sg-20230512101549435800000001"
tags = {
"BillOwner" = "axiom"
"Environment" = "dev"
"Name" = "axiom-dev-bastion-sg"
"ProjectName" = "axiom"
}
# (8 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.dev_axiom_acm["lb_public_jkc"].aws_acm_certificate.this[0] has changed
~ resource "aws_acm_certificate" "this" {
id = "arn:aws:acm:ap-southeast-2:230407402264:certificate/b82827cb-a0ed-4c03-a123-8e5b8308a0c0"
+ not_after = "2024-10-12T23:59:59Z"
+ not_before = "2023-09-14T00:00:00Z"
~ renewal_eligibility = "INELIGIBLE" -> "ELIGIBLE"
~ status = "PENDING_VALIDATION" -> "ISSUED"
+ tags = {}
# (11 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.ec2_bastion.aws_instance.default[0] has changed
~ resource "aws_instance" "default" {
id = "i-0e6d7a6d17e0427b6"
tags = {
"Name" = "axiom-dev-bastion-host"
}
# (34 unchanged attributes hidden)
~ metadata_options {
+ http_protocol_ipv6 = "disabled"
# (4 unchanged attributes hidden)
}
# (7 unchanged blocks hidden)
}
# module.global_efs.aws_efs_file_system.default[0] has changed
~ resource "aws_efs_file_system" "default" {
id = "fs-04b9d0574e6238278"
+ name = "axiom-dev-global-efs"
~ size_in_bytes = [
~ {
~ value = 651163648 -> 742641664
~ value_in_ia = 434438144 -> 506097664
~ value_in_standard = 216725504 -> 236544000
},
]
tags = {
"BillOwner" = "axiom"
"Environment" = "dev"
"Name" = "axiom-dev-global-efs"
"ProjectName" = "axiom"
}
# (11 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.global_vpc.aws_nat_gateway.this[0] has changed
~ resource "aws_nat_gateway" "this" {
id = "nat-04905d4dd70f55897"
+ secondary_allocation_ids = []
+ secondary_private_ip_address_count = 0
+ secondary_private_ip_addresses = []
tags = {
"BillOwner" = "axiom"
"Environment" = "dev"
"Name" = "axiom-dev-global-vpc-ap-southeast-2a"
"ProjectName" = "axiom"
}
# (8 unchanged attributes hidden)
}
# module.global_vpc.aws_nat_gateway.this[1] has changed
~ resource "aws_nat_gateway" "this" {
id = "nat-0a4d123b0e95643c4"
+ secondary_allocation_ids = []
+ secondary_private_ip_address_count = 0
+ secondary_private_ip_addresses = []
tags = {
"BillOwner" = "axiom"
"Environment" = "dev"
"Name" = "axiom-dev-global-vpc-ap-southeast-2b"
"ProjectName" = "axiom"
}
# (8 unchanged attributes hidden)
}
# module.public_jkc_alb.aws_lb_listener.frontend_http_tcp[0] has changed
~ resource "aws_lb_listener" "frontend_http_tcp" {
id = "arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:listener/app/axiom-dev-public-jkc-alb/d889359f6017c8bd/146f0868bcc41f68"
+ tags = {}
# (5 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.public_jkc_alb.aws_lb_listener.frontend_https[0] has changed
~ resource "aws_lb_listener" "frontend_https" {
id = "arn:aws:elasticloadbalancing:ap-southeast-2:230407402264:listener/app/axiom-dev-public-jkc-alb/d889359f6017c8bd/b95bdc628e014f62"
+ tags = {}
# (7 unchanged attributes hidden)
# (1 unchanged block hidden)
}
Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may include actions to undo or respond to these changes.
─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
~ update in-place
-/+ destroy and then create replacement
Terraform will perform the following actions:
# local_sensitive_file.bastion_pem_file will be created
+ resource "local_sensitive_file" "bastion_pem_file" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "700"
+ file_permission = "600"
+ filename = "./bastion.pem"
+ id = (known after apply)
}
# local_sensitive_file.pem_file will be created
+ resource "local_sensitive_file" "pem_file" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "700"
+ file_permission = "600"
+ filename = "./ec2.pem"
+ id = (known after apply)
}
# module.bastion_sg.aws_security_group_rule.ingress_rules[0] must be replaced
-/+ resource "aws_security_group_rule" "ingress_rules" {
~ cidr_blocks = [ # forces replacement
# (1 unchanged element hidden)
"103.199.5.237/32",
+ "3.104.121.85/32",
]
~ id = "sgrule-4284525822" -> (known after apply)
+ security_group_rule_id = (known after apply)
+ source_security_group_id = (known after apply)
# (9 unchanged attributes hidden)
}
# module.ec2_bastion.aws_eip.default[0] will be updated in-place
~ resource "aws_eip" "default" {
id = "eipalloc-061be3f76c1951df6"
~ instance = "i-0e6d7a6d17e0427b6" -> (known after apply)
tags = {
"Name" = "axiom-dev-bastion-host"
}
# (12 unchanged attributes hidden)
}
# module.ec2_bastion.aws_instance.default[0] must be replaced
-/+ resource "aws_instance" "default" {
~ ami = "ami-0fa557cdf74e148d5" -> "ami-072fc55fb5b1df806" # forces replacement
~ arn = "arn:aws:ec2:ap-southeast-2:230407402264:instance/i-0e6d7a6d17e0427b6" -> (known after apply)
~ availability_zone = "ap-southeast-2a" -> (known after apply)
~ cpu_core_count = 1 -> (known after apply)
~ cpu_threads_per_core = 1 -> (known after apply)
~ disable_api_stop = false -> (known after apply)
~ ebs_optimized = false -> (known after apply)
- hibernation = false -> null
+ host_id = (known after apply)
+ host_resource_group_arn = (known after apply)
~ id = "i-0e6d7a6d17e0427b6" -> (known after apply)
~ instance_initiated_shutdown_behavior = "stop" -> (known after apply)
+ instance_lifecycle = (known after apply)
~ instance_state = "running" -> (known after apply)
~ ipv6_address_count = 0 -> (known after apply)
~ ipv6_addresses = [] -> (known after apply)
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
~ placement_partition_number = 0 -> (known after apply)
~ primary_network_interface_id = "eni-061620af038cf6e02" -> (known after apply)
~ private_dns = "ip-10-98-0-129.ap-southeast-2.compute.internal" -> (known after apply)
~ private_ip = "10.98.0.129" -> (known after apply)
~ public_dns = "ec2-52-62-172-216.ap-southeast-2.compute.amazonaws.com" -> (known after apply)
~ public_ip = "52.62.172.216" -> (known after apply)
~ secondary_private_ips = [] -> (known after apply)
~ security_groups = [] -> (known after apply)
+ spot_instance_request_id = (known after apply)
tags = {
"Name" = "axiom-dev-bastion-host"
}
~ tenancy = "default" -> (known after apply)
+ user_data_base64 = (known after apply)
# (13 unchanged attributes hidden)
~ capacity_reservation_specification {
~ capacity_reservation_preference = "open" -> (known after apply)
+ capacity_reservation_target {
+ capacity_reservation_id = (known after apply)
+ capacity_reservation_resource_group_arn = (known after apply)
}
}
~ cpu_options {
+ amd_sev_snp = (known after apply)
~ core_count = 1 -> (known after apply)
~ threads_per_core = 1 -> (known after apply)
}
- credit_specification {
- cpu_credits = "standard" -> null
}
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ snapshot_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
~ enclave_options {
~ enabled = false -> (known after apply)
}
+ ephemeral_block_device {
+ device_name = (known after apply)
+ no_device = (known after apply)
+ virtual_name = (known after apply)
}
+ instance_market_options {
+ market_type = (known after apply)
+ spot_options {
+ instance_interruption_behavior = (known after apply)
+ max_price = (known after apply)
+ spot_instance_type = (known after apply)
+ valid_until = (known after apply)
}
}
~ maintenance_options {
~ auto_recovery = "default" -> (known after apply)
}
~ metadata_options {
~ instance_metadata_tags = "disabled" -> (known after apply)
# (4 unchanged attributes hidden)
}
+ network_interface {
+ delete_on_termination = (known after apply)
+ device_index = (known after apply)
+ network_card_index = (known after apply)
+ network_interface_id = (known after apply)
}
~ private_dns_name_options {
~ enable_resource_name_dns_a_record = false -> (known after apply)
~ enable_resource_name_dns_aaaa_record = false -> (known after apply)
~ hostname_type = "ip-name" -> (known after apply)
}
~ root_block_device {
~ device_name = "/dev/xvda" -> (known after apply)
~ iops = 0 -> (known after apply)
~ kms_key_id = "arn:aws:kms:ap-southeast-2:230407402264:key/54a320af-91ac-4543-97ac-58bff64f5403" -> (known after apply)
- tags = {} -> null
~ throughput = 0 -> (known after apply)
~ volume_id = "vol-06ef619d303765455" -> (known after apply)
~ volume_type = "standard" -> (known after apply)
# (3 unchanged attributes hidden)
}
}
Plan: 4 to add, 1 to change, 2 to destroy.
Changes to Outputs:
~ acm = {
~ lb_public_jkc = {
~ acm_certificate_status = "PENDING_VALIDATION" -> "ISSUED"
# (6 unchanged elements hidden)
}
# (2 unchanged elements hidden)
}
~ ec2_bastion = {
~ arn = "arn:aws:ec2:ap-southeast-2:230407402264:instance/i-0e6d7a6d17e0427b6" -> (known after apply)
~ id = "i-0e6d7a6d17e0427b6" -> (known after apply)
~ instance_id = "i-0e6d7a6d17e0427b6" -> (known after apply)
name = "axiom-dev-bastion-host"
~ private_dns = "ip-10-98-0-129.ap-southeast-2.compute.internal" -> (known after apply)
~ private_ip = "10.98.0.129" -> (known after apply)
# (9 unchanged elements hidden)
}
╷
│ Warning: Value for undeclared variable
│
│ The root module does not declare a variable named "regional_image_name" but a value was found in file "../common.tfvars". If you meant to use this value, add a "variable" block to the configuration.
│
│ To silence these warnings, use TF_VAR_... environment variables to provide certain "global" settings to all configurations in your organization. To reduce the verbosity of these warnings, use the -compact-warnings option.
╵
╷
│ Warning: Value for undeclared variable
│
│ The root module does not declare a variable named "global_alb_internal_sg_desc" but a value was found in file "values.tfvars". If you meant to use this value, add a "variable" block to the configuration.
│
│ To silence these warnings, use TF_VAR_... environment variables to provide certain "global" settings to all configurations in your organization. To reduce the verbosity of these warnings, use the -compact-warnings option.
╵
╷
│ Warning: Values for undeclared variables
│
│ In addition to the other similar warnings shown, 4 other variable(s) defined without being declared.
╵
╷
│ Warning: Argument is deprecated
│
│ with module.ec2_bastion.aws_eip.default,
│ on .terraform/modules/ec2_bastion/main.tf line 98, in resource "aws_eip" "default":
│ 98: vpc = true
│
│ use domain attribute instead
│
│ (and 4 more similar warnings elsewhere)
╵
─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.Editor is loading...